Another great book on Snort and Ethereal is "Hack the Stack". It is from a whitehat/CEH perspective.

On May 25, 2009, at 11:01 AM, "Stephen Mullins" <[email protected]> wrote:

> All of the information you need is available on the web. Just google
> your way through this. At the end of it all you should be pretty well
> versed in Snort and associated tasks (sensor placement etc.).
>
> Have fun with it. I'm a little envious that you get to do this
> security build out from scratch. I have resorted to deploying Snort
> on my home network to get that experience. If you aren't set on an
> analysis front end yet I suggest Sguil, of which I am a big fan.
>
> Steve Mullins
>
> On Wed, May 20, 2009 at 6:25 PM, ubernewbie <[email protected]> wrote:
>>
>> I work for a small company with a hub/spoke network. I've been tasked
>> with setting up an IDS (Snort) to begin monitoring security related
>> events and basically build out a security program/infrastructure. Do
>> any of you have any good sites/forums that go into the process of
>> intrusion detection? I can get the alerts from snort but there are so
>> many that it's hard to make heads or tails. I'm looking for ideas on
>> what to look for and what to pay specific attention to. Also any good
>> websites that alert/explain new vulnerabilities would be great. Any
>> help would be appreciated.
>> --
>> View this message in context:
>> http://www.nabble.com/Need-help-info-tp23644667p23644667.html
>> Sent from the IDS (Intrusion Detection System) mailing list archive
>> at Nabble.com.
